manifoldcf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Connectors Framework > FAQ
Date Wed, 11 Apr 2012 08:37:00 GMT
Space: Apache Connectors Framework (https://cwiki.apache.org/confluence/display/CONNECTORS)
Page: FAQ (https://cwiki.apache.org/confluence/display/CONNECTORS/FAQ)
Comment: https://cwiki.apache.org/confluence/display/CONNECTORS/FAQ?focusedCommentId=27843802#comment-27843802

Comment added by Anonymous:
---------------------------------------------------------------------

I've got ManifoldCF configured with a SharePoint repository connector and a Solr outpur connector.

I'm using the ManifoldCF security search component to authorise users for search results.

The problem is that I have _2_ Active Directory domains that I need to use for authorisation
(one is for internal users, the other for extranet users). So I've setup two Active Directory
authority connections, named 'Internal AD' and External AD'.

But I can't see how to get this working, as I can only specify a single authority for the
SharePoint repository connector.

If I select one of the AD authorities as the authority for the SharePoint repository connector,
then {{allow_token_document}} is always prefixed with the name of that authority, regardless
of the domain the user/group actually belongs to. This isn't going to work with the ManifoldCF
authority service, {{UserACLs}}, which prefixes SIDs with the name of the authority the SID
belongs to.

If I select 'None (Global Authority)' as the authority for the SharePoint repository connector
then {{allow_token_document}} is _not_ prefixed with the authority name, but of course those
returned by the ManifoldCF authority service, {{UserACLs}}, are still prefixed with the authority
name.

I guess I could modify the ManifoldCF authority service, {{UserACLs}}, to take an extra parameter
that would alter the behaviour so it doesn't prefix SIDs with the authority name... but I'd
rather not be modifying the source if I can help it. Is there some way to achieve what I'm
after?

Hope this all makes sense :)



Change your notification preferences: https://cwiki.apache.org/confluence/users/viewnotifications.action

Mime
View raw message